Email bug submission fails due to erroneous bad signature detection

Bug #651128 reported by Scott Kitterman
This bug affects 1 person
Affects: Launchpad itself
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

I've tried to submit this bug via email twice now and gotten this error both times:

An error occurred while processing a mail you sent to Launchpad's email
interface.

Error message:

Signature couldn't be verified: (7, 8, u'Bad signature')

The copy of the message embedded in the rejection has a valid signature. Here's one:

--===============5504150659369525098==
Content-Type: message/rfc822
MIME-Version: 1.0

Return-Path: <email address hidden>
X-Original-To: <email address hidden>
Delivered-To: <email address hidden>
Received: from fiordland.canonical.com (fiordland.canonical.com
 [91.189.94.145])
 by grenadilla.canonical.com (Postfix) with ESMTP id 2C7991472B83
 for <email address hidden>;
 Wed, 29 Sep 2010 14:30:24 +0100 (BST)
Received: from [127.0.1.1] (static-72-81-252-21.bltmmd.fios.verizon.net
 [72.81.252.21])
 by fiordland.canonical.com (Postfix) with ESMTP id E7F1DA1854A
 for <email address hidden>; Wed, 29 Sep 2010 14:30:23 +0100 (BST)
From: <email address hidden>
To: <email address hidden>
Subject: Sync solfege 3.16.4-2 (universe) from Debian unstable (main)
Content-Type: text/plain; charset=UTF-8
Message-Id: <email address hidden>
Date: Wed, 29 Sep 2010 14:30:23 +0100 (BST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu/solfege
 status confirmed
 importance wishlist
 subscribe ubuntu-archive
 done

Please sync solfege 3.16.4-2 (universe) from Debian unstable (main)

Bug fix update that fixes FTBFS in rebuild test.

Changelog entries since current maverick version 3.16.3-2:

solfege (3.16.4-2) unstable; urgency=low

  * Fix the test suite so that it builds (closes: #595860)

 -- Tom Cato Amundsen <email address hidden> Sun, 19 Sep 2010 16:40:13 +0200

solfege (3.16.4-1) unstable; urgency=low

  * New upstream release
  * Fix solfege-oss description (closes: #589656)
  * Do not raise Python string exceptions (closes: #585356)
  * Updated debian/watch file

 -- Tom Cato Amundsen <email address hidden> Sat, 24 Jul 2010 12:35:52 +0200

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEARECAAYFAkyjP2kACgkQHajaM93NaGpp+wCfcdOcKwx+saXYkVPWTXToH4/+
IdEAnRaUNWAXbyMoT7aS3FrC8flmmJfx
=bZYK
-----END PGP SIGNATURE-----
--===============5504150659369525098==--

Gavin Panella (allenap) wrote :

Scott, I get the following from copy and pasting the message:

{{{
$ gpg --verify scott.txt
gpg: Signature made Wed 29 Sep 2010 14:30:17 BST using DSA key ID DDCD686A
gpg: requesting key DDCD686A from hkp server wwwkeys.eu.pgp.net
gpg: key DDCD686A: public key "Donald Scott Kitterman <email address hidden>" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 3 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 3u
gpg: depth: 1 valid: 1 signed: 1 trust: 0-, 0q, 0n, 0m, 1f, 0u
gpg: depth: 2 valid: 1 signed: 5 trust: 1-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2011-09-14
gpg: Total number processed: 1
gpg: imported: 1
gpg: BAD signature from "Donald Scott Kitterman <email address hidden>"
}}}

Can you try attaching the message to this bug report in case Launchpad is introducing some white-space or other formatting issues?

Scott Kitterman (kitterman) wrote :

Attached. I checked and the signature verifies here.

Gavin Panella (allenap) wrote :

I made a mistake, the signature in the description and your attachment both verify for me now. Sorry.

Changed in malone:
status: New → Confirmed
Deryck Hodge (deryck) wrote :

Scott, are you consistently getting this error and now unable to file bugs via email?

Changed in malone:
status: Confirmed → Incomplete
Scott Kitterman (kitterman) wrote :

I got this error for two submissions in a row (tried this one twice) before I gave up and submitted via the web interface. The mail was submitted via the requestsync script in ubuntu-dev-tools. I don't recall if I tried another one after this or not.

Changed in malone:
status: Incomplete → Confirmed
Deryck Hodge (deryck) wrote :

Can you file a bug directly on staging using <email address hidden> and let us confirm if we have a problem with malone or if it's in the requestsync script?

Thanks!

Changed in malone:
status: Confirmed → Incomplete
Scott Kitterman (kitterman) wrote :

That doesn't make any sense. We've already established that the message had a valid signature when LP received it (the one I attached is what I got back from LP when it rejected it), so requestsync's got nothing to do with it. If it's signed when LP receives the message, LP ought to process it correctly.

Changed in malone:
status: Incomplete → Confirmed
Gavin Panella (allenap) wrote :

Scott, I agree, but there may have been something else about the way reportsync prepared or submitted the message that caused it to fail. My feeling is that it's a bug in Launchpad, but we could do with some help to narrow down the cause.

Scott Kitterman (kitterman) wrote : Re: [Bug 651128] Re: Email bug submission fails due to erroneous bad signature detection

Since you've got the text of what it submitted, I fail to see what that adds.
Next time I need to report a bug, I'll try it though.

Scott Kitterman (kitterman) wrote :

https://bugs.launchpad.net/ubuntu/+source/lastfm/+bug/653721 was filed using requestsync and worked.

Scott Kitterman (kitterman) wrote :

I also sent (using my MUA) the same bug to staging.

Scott Kitterman (kitterman) wrote :

Here's a hint though ....

The copy of the bug I got back has two copies of the signed mail. One (the top one) fails to verify. The other, the bottom one, verifies fine. Note the difference in the word wrapping.

Return-Path: <email address hidden>
Delivered-To: kitterma-kitterman:<email address hidden>
X-Envelope-To: <email address hidden>
Received: (qmail 17908 invoked by uid 3013); 2 Oct 2010 18:55:38 -0000
Delivered-To: kitterma-kitterman:<email address hidden>
Received: (qmail 17905 invoked from network); 2 Oct 2010 18:55:38 -0000
Received: from mailwash7.pair.com (66.39.2.7)
  by raung.pair.com with SMTP; 2 Oct 2010 18:55:38 -0000
Received: from localhost (localhost [127.0.0.1])
 by mailwash7.pair.com (Postfix) with SMTP id 502ABBAD6
 for <email address hidden>; Sat, 2 Oct 2010 14:55:38 -0400 (EDT)
X-Virus-Check-By: mailwash7.pair.com
X-Spam-Check-By: mailwash7.pair.com
X-Spam-Status: No, hits=-2.9 required=3.5 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.002005
X-Spam-Flag: NO
X-Spam-Level:
X-Spam-Filtered: e5ffa8d1346811c78a1c1beaefd60800
X-Whitelisting: sender whitelisted by rule [.*@canonical\.com]
Received: from adelie.canonical.com (adelie.canonical.com [91.189.90.139])
 by mailwash7.pair.com (Postfix) with ESMTP id 59E83BAF1
 for <email address hidden>; Sat, 2 Oct 2010 14:55:32 -0400 (EDT)
Received: from loganberry.canonical.com ([91.189.90.37])
 by adelie.canonical.com with esmtp (Exim 4.69 #1 (Debian))
 id 1P27F4-0000Az-US
 for <email address hidden>; Sat, 02 Oct 2010 19:55:31 +0100
Received: from loganberry.canonical.com (localhost [127.0.0.1])
 by loganberry.canonical.com (Postfix) with ESMTP id 2309E2E80E4
 for <email address hidden>; Sat, 2 Oct 2010 18:55:30 +0000 (UTC)
MIME-Version: 1.0
Content-Type: text/plain;
  charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Date: Sat, 02 Oct 2010 18:48:57 -0000
From: Scott Kitterman <email address hidden>
To: <email address hidden>
Reply-To: Bug 653721 <email address hidden>
Sender: <email address hidden>
X-Launchpad-Bug: distribution=ubuntu; sourcepackage=lastfm; component=universe;
 status=Confirmed; importance=Wishlist; assignee=None;
X-Launchpad-Bug-Private: no
X-Launchpad-Bug-Security-Vulnerability: no
X-Launchpad-Bug-Commenters: kitterman
X-Launchpad-Bug-Reporter: Scott Kitterman (kitterman)
X-Launchpad-Bug-Modifier: Scott Kitterman (kitterman)
References: <email address hidden>
Message-Id: <email address hidden>
Subject: [Bug 653721] [NEW] Sync lastfm 1:1.5.4.26862+dfsg-5 (universe) from
 Debian unstable (main)
X-Launchpad-Message-Rationale: Subscriber
Errors-To: <email address hidden>
Precedence: bulk
X-Generated-By: Launchpad (canonical.com); Revision="None";
 Instance="initZopeless config overlay"
X-Launchpad-Hash: 164a01df22a8264c8081c40de362bf43d686f14e
X-UID: 188578
X-Length: 5171
Status: R
X-Status: N
X-KMail-EncryptionState:
X-KMail-SignatureState:
X-KMail-MDN-Sent:

Public bug reported:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu/lastfm
 status confirmed
 importance wishlist
 subscribe ubuntu-archive
 done

Please sync lastfm 1:1.5.4.26862+dfsg-5 (u...

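The wrapping hint in the comment above can be checked mechanically. This added example (not Launchpad code and not part of the original thread) applies the cleartext-signature canonicalization of RFC 4880 section 7.1 to two copies of a message and reports the first signed line that differs; the function names and sample messages are constructed for illustration.

```python
import hashlib
from itertools import zip_longest

BEGIN = "-----BEGIN PGP SIGNED MESSAGE-----"
SIG = "-----BEGIN PGP SIGNATURE-----"

def signed_lines(message):
    """Canonical signed lines of the first clearsigned block (RFC 4880 7.1).
    Raises ValueError if the armor lines are missing."""
    lines = message.replace("\r\n", "\n").split("\n")
    start = lines.index(BEGIN) + 1
    while lines[start].strip():          # skip "Hash:" armor headers
        start += 1
    end = lines.index(SIG, start)
    out = []
    for line in lines[start + 1:end]:    # body begins after the empty line
        if line.startswith("- "):        # undo dash-escaping
            line = line[2:]
        out.append(line.rstrip(" \t"))   # trailing blanks are never signed
    return out

def fingerprint(message):
    """SHA-1 over the canonical text. A comparison aid only: the real
    signature hash also covers signature packet fields."""
    canonical = "\r\n".join(signed_lines(message)).encode("utf-8")
    return hashlib.sha1(canonical).hexdigest()

def first_difference(a, b):
    """(index, line_in_a, line_in_b) of the first differing signed line."""
    pairs = zip_longest(signed_lines(a), signed_lines(b))
    for i, (x, y) in enumerate(pairs):
        if x != y:
            return i, x, y
    return None

# Constructed sample; the signature body is a placeholder, not a real one.
ORIGINAL = "\n".join([
    BEGIN, "Hash: SHA1", "",
    " affects ubuntu/example",
    " done",
    "",
    "Please sync example 1.0-2 (universe) from Debian unstable (main)",
    "- -- constructed sample line",
    SIG, "(signature placeholder)", "-----END PGP SIGNATURE-----",
])
# CRLF line endings plus trailing blanks: still the same signed text.
TRANSPORT_SAFE = ORIGINAL.replace("\n", "\r\n").replace(" done", " done \t")
# One line re-wrapped in transit: a different signed text.
REWRAPPED = ORIGINAL.replace("Debian unstable", "Debian\nunstable")

if __name__ == "__main__":
    print(fingerprint(ORIGINAL) == fingerprint(TRANSPORT_SAFE))
    print(first_difference(ORIGINAL, REWRAPPED))
```

Running it against the failing and the verifying copy from a rejection mail shows whether the difference lies in the signed text itself or only in transport-level whitespace.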

Robert Collins (lifeless) wrote :

FWIW this is now getting dups from CoC signings; I'm positive it is nothing external and a Launchpad code / deployment issue.

BadSignatures do happen normally so I doubt we generate an OOPS for them (and that is actually appropriate) - but we do need some way to turn on gathering data for this to debug it.

Deryck Hodge (deryck) wrote :

Robert, should we make this a Foundations bug then?

Robert Collins (lifeless) wrote :

On Tue, Oct 5, 2010 at 12:59 AM, Deryck Hodge
<email address hidden> wrote:
> Robert, should we make this a Foundations bug then?

I guess, I never know where to put bugs - it's one code base, right?

_Rob

Deryck Hodge (deryck) wrote :

I was asking if you thought there was value in having the Foundations team look at this bug, if they were aware of this or not. I'll retarget and let Gary or someone else decide if it's more of a foundations area than malone. If not, they can feel free to kick back to malone.

Changed in malone:
status: Confirmed → New
affects: malone → launchpad-foundations
Robert Collins (lifeless) wrote :

On Tue, Oct 5, 2010 at 7:55 AM, Deryck Hodge <email address hidden> wrote:
> I was asking if you thought there was value in having the Foundations
> team look at this bug, if they were aware of this or not.  I'll retarget
> and let Gary or someone else decide if it's more of a foundations area
> than malone.  If not, they can feel free to kick back to malone.

Ah, sorry ;)

-Rob

security vulnerability: no → yes
visibility: public → private
security vulnerability: yes → no
visibility: private → public